/dev/posts/

Code execution through MIME-type association of Mono interpreter

A dangerous file type association in Debian which could be used to trigger arbitrary code execution.

More examples of argument and shell command injections in browser invocation

In the previous episode, I talked about some argument and shell command injection vulnerabilities through URIs passed to browsers. Here I am evaluating some other CVEs which were registered at the same time (not by me).

Argument and shell command injections in browser invocation

I found an argument injection vulnerability related to the handling of the BROWSER environment variable in sensible-browser. This led me (and others) to a few other argument and shell command injection vulnerabilities in BROWSER processing and browser invocation in general.

Verifying authenticity of Debian CDs

The official guide for verifying the authenticity of a Debian 🍥 CD image is not so clear if you don't already have an idea about what you are doing. Here is a translation in terms of shell commands.

Compile a mixed 32 bit/64 bit wine for Debian

The Wine 🍷 wiki has instructions for building a shared WoW64 Wine: this needs two out-of-source builds. The issue is that some development packages are not multiarch co-installable. Another wiki page for Ubuntu recommends setting up a 32-bit LXC. Here is how I did it without a 32-bit container on Debian 🍥 testing.
